Some say government must defend the financial services sector along with other critical infrastructure, not just regulate financial services to ensure cybersecurity. What organizations are finding is that the costs of cybersecurity breaches -- and rise of compliance regulations designed to prevent them -- engage the finance role in government operations and other organizations, creating an emerging role: the cybercountant.
The cybercountant is not a movie cyborg, it’s a talented numbers nerd with responsibilities in the tech domain.
Gregory Garrett, head of international cybersecurity for the global firm BDO, said in a prepared statement:
We are witnessing a budding crisis in the implementation of cybersecurity information governance, risk management and compliance requirements and organisations are facing ever more stringent cybersecurity regulations: it is not surprising that many of them feel overwhelmed. The recruiting, staffing, training and retention of cybersecurity talent is a significant challenge for nearly all companies -- and the global shortage of experienced cybersecurity professionals is expected to increase over the next three to five years. It is vital that finance, risk and compliance management professionals in public and private organisations -- in particular SMEs -- step up and take ownership of the growing financial responsibilities in cybersecurity.”
IT and finance managers already work together getting systems back online, but also in writing to regulators, investors, filing insurance claims and compensating losses after a cybersecurity breach. In organizations with limited resources and staff, the cybercountant role already exists.
BDO indicates that it’s the finance directors that bring value to cybersecurity strategies, with a holistic approach that integrates risk management, compliance, reporting, business continuity and more. Finance executives understand and integrate key drivers and can provide resilience by leveraging sourcing, systems, staffing, assets and risks. The engagement of finance and cybersecurity cuts across the following operations modalities, according to BDO:
Compliance – Mandatory breach reporting and cybersecurity compliance oversight naturally engages the chief compliance officer, who is usually located in the finance department. In organizations where roles are often combined, it may be the finance manager who overseas cyber compliance.
Valuation – On top of legal, insurance and technology costs, cyber incidents damage reputation. Finance managers will leverage their cybersecurity knowledge to estimate the value of an organisation’s cyber defences, as well as the impact of a breach on overall valuation.
Procurement - Cyber supply chain risks all intersect inside the finance department.
Risk - Risk managers that oversee the risks of organisation, employees, clients, reputation, assets and the interests of stakeholders are converging with operational risk. Treasury is a key factor in cybersecurity risk exposure and ensuring adequate coverage.
It seems the rise of the cybercountant is an emerging trend in both government and the private sector. Still not certain? Consider that Accounting Today reported in October 2017, “accountants hold a special place of honor in the hacker community,” because they are privy to an organization’s sensitive information, and cyber thieves would love to get their hands on data in accounting computer systems.
So if you are a public agency finance manager, and a shiny target for cybercriminals, you are already in the business of government cybersecurity.
